Technology – Ideas in Motion

On this page, I post thoughts about technology, context awareness and predictive analytics. You can find out about my career in technology or my writing here as well. (Today, I am a proud Intel employee, and my employer is not accountable or liable for my opinions.)

| Interview with Ned Hayes (Re-posted from Toolbox) How to Use Biometrics to Ensure Security: An Interview with Ned Hayes of SureID By Neha Pradhan Thursday, February 14, 2019 “Biometrics provide multiple modalities and are not so easy to fake, spoof, or duplicate in real-time, they have now taken the pole position in terms of identity proofing.” The General Manager of SureID, Ned Hayes, weighs in on how the use of biom etrics technology has evolved over the years, allowing governments and users to create stricter laws around human rights and privacy. From iris scans to voice typing and gait tracking, Ned lets us know about the new methods of biometrics today and the security parameters that relate to them. As a technologist, identity researcher and author himself, Ned has created awareness on biometrics technology through his books and work. His most recent novel was the national bestseller The Eagle Tree, which was nominated for the Pacific Northwest Booksellers Award. SureID has supported military installations through trusted credentialing, vetting, and screening services to become one of the first approved FBI channelers. In this interview, Ned identifies the top three industries for biometrics and AI. He answers questions around: How this space has evolved over the years? What outcomes can be drawn from biometrics today? How can startups be more cognizant and democratize the use of biometrics technology? And, how technology leaders can deploy biometrics technology in a responsible way? Key takeaways from this interview: Understand the types of biometrics and its uses Learn more about the global biometrics market The latest trends to track in this space Here’s what Ned says about the impact of AI on cybersecurity and biometrics: Ned, to set the context, data breaches continue to rattle digital experts globally. Over the last year, 34% of US consumers have reported a breach in their personal data. In your opinion, what are biometrics in this context and how have they evolved as credible solutions to these universal challenges? The interesting thing about biometrics over time is that fingerprints and other associated biometrics were once seen as just one way of proving identity – they weren’t seen as significantly different or superior in terms of usefulness or security compared to other means of proving identity. Yet the emergence of digital identity has led to numerous hacks of knowledge-based identity – when credentials are only comprised of something you know, these items become highly portable and easily duplicated. It’s all too easy to fake or replicate digitally-based identities. However, because biometrics provide multiple modalities and are not so easy to fake, spoof, or duplicate in real-time, biometric factors have now taken pole position in terms of identity proofing. As new methods of collecting ever-more-granular biometric data points emerge, from iris scans to voice typing to gait tracking, it’s been possible to create a gold standard from a holistic set of biometrics. The newer high-fidelity biometrics have raised the bar even further for identity proofing, so that safer environments can be created for consumers, with a minimum of technical buy in or hassle to end-users. What makes biometrics so compelling is that they are industry agnostic – no one vendor owns the standard – and biometrics potentially tie together different modalities. When combined, multiple biometrics can create a much safer environment for the consumer,...

| Published in Help Net Security this week: Taking Ethical Action in Identity – 5 Steps Towards Better Biometrics Glance at your phone. Tap a screen. Secure access granted! This is the power of biometric identity at work. The convenience of unlocking your phone with a fingertip or your face is undeniable. But ethical issues abound in the biometrics field. The film Minority Report demonstrated one possible future, in terms of precise advertising targeting based on a face. But the Spielberg film also demonstrated some of the downsides of biometrics – the stunning lack of privacy and consumer protection. What’s fascinating is that many of these concerns were anticipated over a century ago. In 1890, Louis Brandeis advocated privacy protection when he co-authored an article with colleague Samuel Warren in the Harvard Law Review advocating “the right to be let alone.” Brandeis, a future Supreme Court Justice, stated then that the development of “instantaneous photographs” and their dissemination by newspapers for commercial gain had created the need for a new “right to privacy.” Today, technology has potentially swamped that right to privacy. From one public CCTV to the next, a long-term history can be stitched together from multiple video sessions to create one end-to-end picture of an individual’s journey. The owner of a shopping mall or private entertainment facility could easily track behavior from store to store, delivering specific data to store owners and making predictive findings on your behavior over time. There’s a fix for the Minority Report problem: transparency. Companies who control biometrics should be transparent about what they are collecting, how it is collected and stored and the potential for abuse or mis-identification. If an error occurs, companies should be transparent with that data and provide a publicly available fix for that mistake. Just as you have a right to know what Facebook is collecting on you, you should also have the right to know how your face can be identified by what company and for what purpose. You shouldn’t be surprised if recognized in a crowded public place, and you should know if law enforcement has access to that data. The degree to which your shopping behavior is “private” is arguable, but it is inarguable that we should discuss this topic rather than just letting commercial terms dictate what the world knows about us. Unfortunately, we don’t have a good grounding today in what an informed public discussion looks like. A recent Pew study demonstrated that 74% of the American public doesn’t understand that Facebook is targeting advertising to individuals based on a profile they’ve built of your interests. This is not the fault of the consumer: this is a problem caused by tech companies who have not served the public with full transparency and open information. All of these ethical issues can be addressed, but we need to start now. Here are some basic steps that can assist you and your team in anticipating and addressing potential ethical issues. 1. Put humans in the loop: First, we should ensure that a human being is always in the loop. Human beings are not immune to errors or biases, but having a qualified person review your facial or fingerprints file to determine if it’s correct should be a standard practice. Today, it is not, and far too many...

My team at Intel spent the last few years working on this great new Context Sensing awareness system that will be announced on new Dell laptops at CES 2019. Congratulations to the Context team at Intel! Dell’s new Latitude laptop can detect your presence and wake itself — Your laptop might already use your face to sign in, but Dell is taking it one step further. Ahead of CES 2019, the computer manufacturer has unveiled an updated version of its commercial 2-in-1, the Latitude 7400. These enterprise devices don’t usually come with the most exciting technologies, but this one is different. The new Latitude 7400 device comes equipped with a feature that can actually sense your presence and use Windows Hello to log you in. Dell calls the feature “ExpressSign-In,” a technology that pairs a special proximity sensor that with Windows Hello to make sign-ins just a bit faster. Essentially, the sensor will detect a person’s nearby presence and will wake the system on its own, rather than waiting for someone to hit the power button. Once awake, the Windows Hello infrared camera then searches for a face match. It should make for automatic logins and signs out. Outside of the new sign-in feature, the convertible also packs some other enterprise features such as options for Cat 16 Gigabit LTE, a fingerprint reader, and the FIPS 201 Smart Card Reader. IT professionals can also enjoy the ability to manage Windows 10 endpoints with DCDD and Workplace One integration. KEY SPECS Processor: 8th-gen Intel Core Whiskey Lake Speakers: Stereo Speaker with MaxxAudio Pro Memory: Up to 16GB LPDDR3 SDRAM Storage: 256GB up to 2TB SSD Battery: 52 watt-hour or 78 watt-hour Ports: 2 USB 3.1 ports, 2 Thunderbolt 3 ports, SD 4.0 memory card reader Security: Fingerprint reader, FIPS 201 Smart Card Reader, NFC, Windows Hello IR The Latitude 7400 2-in-1 has also been dubbed the world’s smallest commercial 14-inch 2-in-1, as it packs narrow borders that are 25 percent smaller than the previous generation. It is also light and comes in at 3 pounds in weight, with its machined aluminum and diamond cut finish. Elsewhere, Dell has redesigned the cooling system with a new “intelligent thermal responsiveness,” which can adjust to the way the laptop is used. Be it on the lap or a desk, Dell promises the system can keep the Latitude cool. Battery life is also boasted to not be an issue, as Dell is packing a super low-power panel, as well as support for express charge technologies. That should ensure that you can charge faster and get through the day without having to plug into an outlet. How long can it last? Up to a whopping 24 hours, according to Dell. The Latitude 14 7400 will be available in March for prices starting at $1,600. Please like &...

| Article in Cyber Defense Magazine, January 2019 — Ned Hayes, General Manager, SureID Facial recognition, one of the most popular methods of biometric enrollment and customized marketing, will bring us to ultra-surveillance, targeted assassinations and Black Mirror-style oversight. At least, this is what critics of the technology would have you believe. Yet we don’t see such dystopian outcomes in commercial authentication and identity verification today. So why are these critics so concerned, and what can security professionals do to alleviate their concerns? By 2024, the market for facial recognition applications and related biometric functions is expected to grow at a 20% compounded rate to almost $15.4 billion. Already, almost 245 million video surveillance systems have been deployed worldwide, and that number is growing. Video facial recognition technology isn’t going away. Yet as the technology keeps expanding to new segments and use cases, ethical concerns have not settled down – in fact, they’ve proliferated. Early concerns focused on the surveillance itself: should human beings be watched 24/7? As the use of CCTV data in criminal investigations proved to have value, though, these concerns have grown to focus on the data that video stream provides and the inferences that can be drawn from that data. Machine learning and new predictive techniques, when used to analyze a video stream, can produce findings well beyond facial identity. They can infer emotional state, religious affiliation, class, race, gender and health status. In addition, machine learning methods can determine where someone is going (travel trajectory), where they came from (national origin), how much they make (through clothing analysis), diseases they have (through analysis of the vocal track), and much more. Yet like all technology, these techniques are imperfect. They don’t always recognize faces accurately: false positives and false negatives happen. Some algorithms get confused if you wear a hat or sunglasses, grow a beard, or cut your hair differently. Even worse, training data used to develop many early facial recognition algorithms was originally mostly Caucasian, so people of African and Asian descent are not recognized as well. This can result in biased conclusions, even if the intent was not to create a biased system. And biometrics themselves are not a foolproof system. Some facial recognition systems can be “hacked” with dolls, masks and false faces. Recently, Philip Bontrager, a researcher at NYU, revealed that he’d created a “DeepMasterPrint” fingerprint that could combine the characteristics of many fingers into one “master print” that could log into devices secured with only a single fingerprint authentication routine. A single finger on a pad or a single face seen by a camera should be insufficient to grant access. Biometrics are hackable, and over time it’s clear that we’ll find increasing exploits that take advantage of known and unknown weaknesses. So the critics of biometrically-based recognition and authentication have a right to be concerned about the weaknesses of an early technology that is only now beginning to mature, yet is already broadly deployed in critical infrastructure and identity verification scenarios. Two recent developments that are changing the game for everyone who relies on biometrics magnify the importance of these concerns. And this time, artificial intelligence researchers, activists, lawmakers and many of the largest technology companies also express concern. These two developments, happening simultaneously, are: Machine Learning in Real-time: The...

|New post published by Technica Curiosa. Complete article here >> We live in an age where personal information is difficult to protect, and passwords are far from unbreakable. Recently, IBM surveyed nearly 4,000 people and learned that 67% are comfortable using biometrics, and 87% would be comfortable using biometric authentication in the future. Millennials are particularly comfortable with biometric security, with 75% reporting that they’re at ease with today’s technology. In fact, if you used a fingertip scan to log into your phone to read this article, you just used biometrics to verify your identity. From passwords to PINs to tokens, there are many ways we provide credentials, but no method has grown in popularity more than biometrics. Biometrics have steadily moved in to replace document-based identities such as a driver’s license, physical credentials like swipe cards used for secure building access, and especially the username/password system that’s been in use since the dawn of the computer age. Biometrics are also the future of background checks. Instead of submitting documents and identity in person, you can enroll your biometrics through several nationwide systems to instantly prove and verify your identity. FBI channelers use biometrics for regulated purposes and retrieve a criminal background check in near real-time. Fingerprints can even now be used for on-the-spot drug testing. Today, customers of all sizes are increasingly providing biometric identifiers for verification, authentication, access and secure transactions. Are Biometrics Safe from Hacking? It’s a lot easier for a hacker to crack the password you created that uses your dog’s name and your first child’s birthdate, but biometrics aren’t immune to hacking. Dolls, masks, and false faces can break some facial recognition systems. Philip Bontrager, a researcher at NYU, created a fingerprint that combined the characteristics of many fingerprints into one fake finger that contains multitudes — he calls this hack the “DeepMasterPrint.”. The DeepMasterPrint could be used to log into devices with only a single fingerprint authentication routine, such as a smartphone, a tablet or even your home security system. What Bontrager did here was simply prove the obvious: Biometrics are hackable. The Security Cold War If you’re paying attention to the history of hacking security mechanisms, we all know how this story goes. Here’s the pattern of the security cold war: A secure system is hacked through one extremely complicated exploit, explained by academics.Security experts demonstrate solutions to the first hack and create an ongoing set of solutions designed to circumvent the first hack. Many consumers ignore this fix. Professional state actors or black hats use the same general method to hack unprotected systems, raising the bar on security professionals and system protection. Unfortunately, their efforts often go for naught as the original hack is replicated by script kiddies and used voluminously to steal identities, money and goods. Eventually, we end up in a place where complicated solutions exist to prevent the original hack and all hacks that emerged out of the same system weakness. The matrix above has been replicated across multiple systems and functions over time. Right now, with biometric-based identity, we are at the early stage (1), and I’m here to provide stage (2) — the security expert explains the need for protection and demonstrates a set of solutions. If people don’t ignore this set of fixes, it’s unlikely...

|Founder of local multi-platform publication group successfully sells off publication unit to local entrepreneur >> Coverage included: The Olympian: Founder Sells to Local Marketing LeaderSound Sound Business: Oly Arts Bought by Local Publisher OLY ARTS, the three-year-old multiplatform publication focused on arts and cultural events in Thurston County and surrounding regions, announced today that the publication has signed an acquisition agreement with local media expert Billy Thomas, who currently serves as the publication’s associate publisher. In an equity-only transaction valued at $350,000, Mr. Thomas will become the publication’s owner and primary publisher and will take over all daily operations for all OLY ARTS media properties in October 2018. “I am honored to take the helm for such a wonderful team,” said Thomas. “I’m excited to see what the future holds for this publication as we expand into new media ventures.” Thomas has previously led public relations, marketing and sales for the Washington Center for the Performing Arts and facilitated community relations and advertising sales at both The Olympian and The News Tribune. Thomas has been part of the OLY ARTS staff since late 2017. Ned Hayes, a technology entrepreneur and former journalist, founded the publication in 2015. “I am excited to transition our successful publication, growing audience and supportive advertisers to Billy Thomas,” said OLY ARTS founder Hayes. “Billy has been a fantastic partner and manager for the publication over the last year, and I am excited to have his energetic leadership as OLY ARTS moves into the future.” Olympia leaders and national publications have recognized the success of OLY ARTS over the past three years. The Seattle Times has worked with the OLY ARTS team on coverage of theater issues at Harlequin Productions in Olympia. In September 2018, the Washington Post also contacted OLY ARTS for regional media assistance and worked closely with OLY ARTS founder Hayes to write a comprehensive travel guide article about Olympia regional attractions. “OLY ARTS has greatly enhanced the profile of our local arts and cultural assets, not only in Olympia but in the surrounding region as well.” said Olympia mayor Cheryl Selby. “I’m happy to see the publication continue to grow with this new management team.” Under Hayes’s tenure as owner and publisher of OLY ARTS, the publication launched online, mobile, and podcast media outlets, and created from scratch a regional audience of tens of thousands of readers for print and online versions of the publication. OLY ARTS also moved from a quarterly publication in its first year to a schedule of seven annual print editions. Hayes also created partnerships with the City of Olympia Parks, Arts & Recreation for lead sponsorship of the twice-annual Olympia Arts Walk, as well as partnerships with all local theaters, the City of Lacey’s summer In Tune program and the annual Oly Old Time Festival. In recent months, Thomas has led the publication’s transition from a newsprint circular into a bound glossy premium print magazine distributed throughout Thurston, Lewis, Mason, and Pierce counties, and at every local arts event and festival. He has continued OLY ARTS’ vision of community involvement by leading partnerships with local arts organizations such as Emerald City Music, Broadway Olympia and the Olympia Film Festival. As the acquisition concludes, Hayes will transition into a new role as President of the parent company,...

I’m a startup guy. In 2012, I had the opportunity to do another startup. I was talking to venture capitalists and seed partners about funding my next new idea. I won’t go into too many details about the concept and the tech now, but it has been ironically satisfying to see the basic kernel of my idea become a Black Mirror episode. In other words, my idea was viable enough to be conceptualized as one future possible and showcased on a popular TV show, seven years after I first conceived of it, and put the pieces in place to build the tech. It’s weirdly satisfying, and also terrifying to see the Black Mirror version of my intended future. At that time, I also had in play an offer from a great team led by Peter Biddle at Intel, to come join them and deliver a new identity-based set of cloud services that could move Intel from a side-player in cloud services and identity solutions into a front runner. Peter is a dynamic and inspiring leader: I was inspired by his vision and his record of execution. And so I ditched my nascent startup and joined up with the Intel Services Division at Intel. We had a wonderful run of it – many challenges to surmount, chief among them an internal culture that had a hard time learning how to monetize software and cloud services. I met some amazing co-workers, like Margaret Burgraff, Brooks Talley and Erik Holt, and was able to work alongside stellar thought leaders in the industry, including luminaries I respect like Bruce Horn, Lama Nachman, Genevieve Bell and Monica Martinez-Canales. These team members inspired me, and I learned so much from their partnership and collegiality on the journey. We launched the Intel Context Sensing SDK, with keynote acclamation by Intel’s senior leadership. My architectural and product leadership helped our product line to navigate through many turbulent waters to achieve great success. I’m very proud of the several engineering teams that contributed to this code base. I have especially fond memories of living in Argentina and working day to day with my team there in South America. I also have great memories of building a new team in the United States and hiring stellar engineering leads like Neelay Shah. Today, Intel’s Context Sensing libraries are deployed on tens of millions of devices. My team made user interactions and biometric solutions better for Intel’s partners all over the world. Over time, the team I led morphed into another software organization inside Intel. In this new organization over the past year, I’ve been able to build another great organization and lead another team of fantastic technical consulting engineers. I made a positive difference at Intel. In summer 2018, I was approached by the executive recruiting team at Sterling Talent Solutions. The team at Sterling had recently brought back their dynamic founding CEO, Billy Greenblatt, and Billy had a big vision to revitalize his company and take it to the next level of financial and technology success. He was making acquisitions, and he was no longer content with the status quo. At first, I was hesitant to talk to Sterling. I’d made such an impact at Intel, and I was leading this great new team of technical consulting engineers that I’d hand-picked...

*A note that I sent my team at Intel today, after nearly seven years of great work together READ an update to this post with details about my new role at Sterling as GM for SureID >> Team – I’m leaving Intel. It’s bittersweet because we’ve done so many amazing things together, but I have an opportunity I simply can’t turn down in the startup space. I’m leaving to become GM/CEO of a company in the biometrics authentication space. I’ve been at Intel for nearly 7 years and I deeply appreciate the camaraderie and professionalism of all the people at Intel. It’s just time for me to move on, so I can keep learning and growing. Favorite memories at Intel include getting OpenVINO out the door at Embedded Vision this year to great acclaim, shepherding the GPA team during Gary’s sabbatical, presenting our software on the show floor to thousands of developers at Google I/O Day Zero with a set of outstanding software engineers (3 years running!), enjoying Mobile World Congress with Jeff McVeigh, moving my family to Argentina in 2013 for Intel to be on-site there with the fantastic Intel Cordoba engineering team for half a year, and launching the Context Sensing SDK in the IDF keynote demo in 2015, presenting on stage with BK and Doug Fisher. I’d like to thank Claire for her partnership, Stewart and Al for their companionship on the journey, and the stellar colleagues in VCP, especially Vladimir, Jeff M, Mrinal, Neena and Neelay. Thank you for all we’ve done together – keep striving to create excellent software and happy customers! Best regards, — Ned * some edits made for confidentiality READ an update to this post with details about my new role at Sterling as GM for SureID >> Please like &...

Great discussion at Gluecon this week in Colorado! Eric and Kim Norlin have created a great gathering of the minds that helps deeply technical people to come together and discover what’s happening in their industry. This year’s highlights for me were Adrian Cockcraft’s talk about “Chaos Architecture”, in which he unpacked how to build resilient systems, with examples of architectural design for AWS and Netflix and Lisa Kamm & Max Whitney talking about varieties of software devleopment lifecycles and finally Kris Nova of Heptio talking about containers, stateless engines and Kubernetes. I led a breakout session entitled “Ethics and AI: Thinking about the Implications of Algorithmic Design within Semi-Autonomous Systems.” I discussed a number of computer vision and machine learning scenarios (and I also threw in some laughs at recent science-fiction work that pretends that AI is much more of a threat than it really is, given the current state of the art). My session also provided a primer on basic concepts of ethical decision making and the distinction between legal activity and ethical activity, with some necessary considerations for algorithm designers, and a nod towards some future possibilities for tracing moral culpability within a system using blockchain or a similar technology. And here are the slides for my presentation CLICK HERE FOR PDF SLIDES Please like &...